<?php

if (!defined('PUBLIC_HTML'))
{
	exit;
}

$submit		= (isset($_POST['submit'])) ? true : false;
if (!$user_id || $user_id == '' || !is_numeric($user_id) || $db->sql_count(TABLE_USERS, 'user_id', $user_id) == 0)
{
	redirect('cms.php?p=users');
	exit;
}



/***********************
* GETTING THE USER
************************/
$get_user =	"
			SELECT		*
			FROM		" . TABLE_USERS . "
			WHERE		user_id = '" . $user_id . "'
			LIMIT		1
			";
$sql_user = $db->sql_query($get_user);
$row_user = $db->sql_fetch_assoc($sql_user);

/***********************
* EDITING THE USER
************************/
if ($submit) 
{
	
	$p_username = htmlentities($_POST['username'], ENT_QUOTES);
	$p_password = $string->secure($_POST['user_pass'], 'password');
	$p_active	= 1;
	$p_level	= intval($_POST['user_level']);    
	
	// Gather data and prepare for insertion
	$post = array(
		'user_id'		=> $row_user['user_id'],
		'username'		=> $p_username,
		'user_active'	=> $p_active,
		'user_level'	=> $p_level
	);
	if (!empty($p_password))
	{
		$post['user_pass'] = $p_password;
	}
	
	
	if ($post['username'] == '' || $post['user_pass'] == '')
	{
		$error_message = 'U heeft niet alle velden ingevuld';
	}
	/*elseif ($db->sql_count(TABLE_USERS, 'username', $post['username']) > 0) 
	{
		$error_message = "Er bestaat al een gebruiker genaamd " . $post['username'] . " in de database!";
	}*/
	else
	{
		$error_message = '';
		
		// Insert the data
		$db->sql_update_row(TABLE_USERS, $post, 'user_id', $post['user_id']);
		
		// Redirect to the userlist
		redirect('?p=users&edit_succes=1');
		exit;
	}
}
else
{
	
	// Initial error message
	$error_message = '';
	
	$post = array(
		'username'	=> '',
		'user_pass'	=> ''
	);
}

$tpl_content_vars = array(
	'USERNAME'	=> ($post['username'] == '') ? $row_user['username'] : $post['username'],
	'PASSWORD'	=> $post['user_pass'],
	'L_SELECTED'=> ($row_user['user_level'] == '1') ? ' selected="selected"' : '',
	'F_SELECTED'=> ($row_user['user_level'] == '2') ? ' selected="selected"' : '',
	'ERROR'		=> $error_message,
);
$tpl_content->assign($tpl_content_vars);
if ($user->is_admin)
{
	$tpl_content->newBlock("ADMIN");
}

if ($user->is_admin)
{
	$tpl_content->newBlock("USER LEVEL");
}

?>